漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Arbitrary File delete
Vulnerability Description
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to authenticated arbitrary file delete vulnerability induced due to improper input validation at server/maps_srv.js with action removeBackground and server/node_upgrade_srv.js with action removeFirmware. An attacker can send specially crafted packets to delete the files on the system where IPM software is installed.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Eaton Intelligent Power Manager 输入验证错误漏洞
Vulnerability Description
Eaton Intelligent Power Manager(IPM)是美国Eaton公司的一款智能电源管理器,它支持从界面远程监视和管理网络中的多个设备。 Eaton Intelligent Power Manager 1.69 之前版本存在输入验证错误漏洞,攻击者可利用该漏洞可以发送专门制作的数据包来删除安装IPM软件的系统上的文件。
CVSS Information
N/A
Vulnerability Type
N/A